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DETAILED ACTION 
Status of Claims 

This communication is in response to remarks and amendments filed on December 6, 
2006. Claims 1, 30 35, 41, 43, 48 and 56 have been currently amended. Thus claims 1-21, 23, 
24, 26-68 and 70-76 remain pending. 

Response to Amendment 

The amendment filed and noted above is objected to under 35 U.S.C. 132(a) because it 
introduces new matter into the disclosure. 35 U.S.C. 132(a) states that no amendment shall 
introduce new matter into the disclosure of the invention. The added material which is not 
supported by the original disclosure is as follows: The examiner has reviewed the specification 
and unable to locate support for the amendments submitted. Moreover, the examiner has 
reviewed the remarks and Applicant has not indicated by page and line number where such 
supports exists. Therefore, Applicant should provide where in the specification by page and line 
number support exists for each of the amendments to the claims. 

Otherwise, Applicant is required to cancel the new matter in the reply to this Office 

Action. 

Response to Arguments 
Applicant's arguments with respect to amended claims have been considered but are moot 
in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 
The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 



Application/Control Number: 10/033,716 Page 3 

Art Unit: 3621 

Claims 1-21, 23, 24, 26-68 and 70-76 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Goertzel et ah (hereinafter Goertzel, US 6,308,273 Bl) in view of Shaffer 
et al. (hereinafter Shaffer), US 7,167,553 B2. 

1 . Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising (column 1, line 55-column 2, line 13): 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (figure 4, 68 remote access server); 

• an authenticator for authenticating the location of the user responsive to receipt of a 
processed request from the access server, the authenticator including a challenge and 
response system for authenticating the location of the user and the authenticator adapted 
to be connected to the access server, (figure 4, 71 location detection mechanism); 

• means for interconnecting the access server and the authenticator (column 5, figure 5 A-B, 
528 lookup number in database; column 7, line 55-column 8, line 4). 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 
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Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

Goertzel further discloses : 

2. The system of claim 1, wherein the authenticator comprises an authenticating server 
(figure 14 and associated text). 

3. The system of claim 1, wherein the authenticator includes means for determining the 
identity of the user (column 8, lines 5-13). 

4. The system of claim 1, further comprising means for insuring the user's presence at the 
location (column 10, lines 38-52)). 

5. 44. The system of claim 1 , further comprising means for enabling the user to request remote 
access to the application server (figure 1 and associated text, 49 remote computer). 
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6. The system of claim 1, wherein the interconnecting means comprise a network (figure 1 
and associated text). 

7,45. The system of claim 2, wherein the authenticating server includes a database of 
authorized locations, for enabling verification of the location of the user as an authorized user 
location (figure 4, database or registered numbers 74) 

8. The system of claim 2, wherein the authenticating server comprises a Remote Access 
Dial-In User Service (RADIUS) server (figure 5B). 

9, 36. The system of claim 3, wherein the user identity determining means comprise a challenge 
and response system (column 16, lines 35-47; figure 13). 

10,42,57. The system of claim 4, wherein the user presence insuring means 

comprise a card for identifying the user, and a reader for reading the user identifying card, 

adapted to be connected to the user access request enabling means at the user location (column 3- 

4). 



1 1 . The system of claim 5, wherein the user request enabling means comprise an interface 
station (figure 1 and associated text, API 36, monitor 47). 
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12. The system of claim 5, wherein the user request enabling means comprise a client 
(column 4, lines 5-49). 

13. The system of claim 5, wherein the user request enabling means include a location 
identifier (column 4, lines 50-column 6, line 50). 

14, 37. The system of claim 5, wherein the authenticating means are adapted to issue a security 
challenge to the user request enabling means, and the user request enabling means are further 
adapted to interrogate the security challenge, to generate a response, and to transmit the response 
to the authenticator (column 16-17). 

15, 46. The system of claim 5, wherein the user request enabling means include an identifier 
associated with the user's location, and the authenticator comprises means for authenticating the 
identifier associated with the user's location (column 4, lines 50-column 6, line 50). 

16. The system of claim 5, wherein the user request enabling means include a dialer, located 
at the user's location, and wherein the dialer includes a number associated therewith (Figure 5B) 

17, 47. The system of claim 5, wherein the user request enabling means comprise a plurality of 
user request enabling means, and the interconnecting means comprise a network comprising an 
intranet which includes at least one local area network, adapted to interconnect at least one of the 
plurality of user request enabling means and the access server (figures 1, 2, and associated text). 
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18. The system of claim 5, wherein the interconnecting means are further adapted to 
interconnect the user request enabling means (figure 1, 2 and associated text). 

19. The system of claim 6, wherein the network comprises an intranet (figure 2 and 
associated text). 

20. The system of claim 6, wherein the network comprises the Internet (figure 2 and 
associated text). 

21. 38. The system of claim 8, further comprising means for enabling the user to request remote 
access to the application server, wherein the authenticating server is further adapted to issue a 
security challenge to the user request enabling means (see above cited corresponding sections). 

23, 31. The system of claim 16, wherein the authenticator comprises a number identifier for 
identifying the number associated with the dialer located at the user's location (see above cited 
corresponding sections). 

24, 32. The system of claim 16, wherein a dialing system includes a plurality of numbers each 
associated with one of a plurality of dialers adapted to enable dialing therefrom and each dialer 
associated with a different user location, and the authenticator further comprises means for 
identifying the first number dialed from in the dialing system (column 1). 
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26 ? 39. The system of claim 21 , wherein the user request enabling means are adapted to issue a 
response to the security challenge, and the authenticating means include a database for enabling 
verification of the response of the user request enabling means to the security challenge (see 
above cited corresponding sections). 

27, 33. The system of claim 23, wherein the number identifier comprises Automatic Number 
Identification (column 7, lines 55-59). 

28, 34. The system of claim 24, wherein the first number identifying means comprises Dialed 
Number Identification Services (Figure 5B). 

29, 40. The system of claim 26, wherein the authenticator is further adapted to verify the 
response of the user request enabling means to the security challenge based on the database in 
the authenticator, and to authorize access to the application server (see above cited corresponding 
sections). 

30, 35. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 
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• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticator for authenticating the location of the user responsive to lOreceipt of the 
processed request from the access server, the authenticator adapted to be connected to the 
access server, the authenticator including a Remote Access Dial-In Service (RADIUS) 
server and a challenge and response system for authenticating the location of the user (see 
above cited corresponding sections); 

• means for interconnecting the access server and the authenticator (see above cited 
corresponding sections); and 

• means for enabling the user to request remote access to the application server, such 
means including a dialer, located at the user's location, wherein the dialer includes a 
dialing number associated therewith; and (see above cited corresponding sections) 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 
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It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

41. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticator for authenticating the location of the user with a challenge and response 
system adapted to be connected to the access server (see above cited corresponding 
sections); 

• a means for interconnecting the access server and the authenticator (see above cited 
corresponding sections); 

• a means for insuring the user's presence at the location that comprises a card for 
identifying the user and a reader for reading the user identifying card, the reader adapted 
to be connected to the user access request enabling means at the user location; (see above 
cited corresponding sections). 
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Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

43. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receiving and processing a request for access to the application 

server from a user request enabling means, the server adapted to be located remote from 

the user's location (see above cited corresponding sections); 
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• an authenticating server for authenticating the location of the user responsive to receipt of 
the processed request from the access server via a challenge and response system, the 
authenticating server adapted to be connected to the access server (see above cited 
corresponding sections); and 

• a network for interconnecting the access server and the authenticating server (see above 
cited corresponding sections) 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

48. Goertzel discloses a method of enabling remote access to an application server, upon 
authentication of a location from which a user has sought access thereto as an authorized 
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location, for enabling processing of a transaction requiring user location authentication, wherein 
the user location includes means for enabling the user to request remote access to the application 
server, in a system which comprises an access server, for receiving and processing a request for 
access to the application server from user request enabling means, adapted to be located remote 
from the user's location, an authenticator for authenticating the identity and the location of the 
user responsive to receipt of the processed request from the access server, adapted to be 
connected to the access server, and means for interconnecting the access server and the 
authenticator, wherein the method comprises: 

• requesting an access server to enable a user tat a user's location to access the application 
server (see above cited corresponding sections) 

• authenticating the location of the user via the authenticator (see above cited 
corresponding sections); . 

• authenticating the identity of the user via the authenticator; and 

• determining in the authenticator whether to enable the user to access the application 
server based on the authenticating of the user's location (see above cited corresponding 
sections); and 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 
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Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

Claims 22, 25 and 69 are rejected under 35 U.S.C 103(a) as being unpatentable over 
Goertzel et al. (hereinafter Goertzel), U.S. Patent 6,508,710 Bl. 

Goertzel discloses a system/method for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising (column 1, line 55-column 2, line 13): 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (figure 4, 68 remote access server); 

• an authenticator for authenticating the location of the user responsive to receipt of a 
processed request from the access server, the authenticator adapted to be connected to the 
access server (figure 4, 71 location detection mechanism); 
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• means for interconnecting the access server and the authenticator (column 5, figure 5A-B, 
528 lookup number in database; column 7, line 55-column 8 5 line 4). 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention 
to modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

A cookie is a block of data that a server returns to a client in response to a request from 
the client and commonly used to identify a user and is thus old and well known in the computer 
art. It would have been obvious to one of ordinary skill in the art at the time of the invention to 
implement a cookie as part of the authentication process to efficiently verify the location 
information of a returning user for enabling access. 

US references 6,71 5,080; 6,606,708; 6,5 1 1 ,339 further support the examiner's contention 
that the use of a cookie for the above noted purpose is well-known in the art. 
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Corresponding claims 49-76 are directed to a method of the above claimed invention and 
are therefore rejected as above. 

Although the Examiner has pointed out particular references contained in the prior art(s) of 
record in the body of this action, the specified citations are merely representative of the 
teachings in the art as applied to the specific limitations within the individual claim. Since 
other passages and figures may apply to the claimed invention as well it is respectfully 
requested that the applicant, in preparing the response, to consider fully the entire references 
as potentially teaching all or part of the claimed invention, as well as the context of the 
passage as taught by the prior arts or disclosed by the examiner. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

K 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bradley B. Bayat whose telephone number is 571-272-6704. The 
examiner can normally be reached on Tuesday-Friday 8 a.m.-6:30 p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Fischer can be reached on 571-272-6779. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Bradley B. Bayat 
Primary Examiner 
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